github
/
codeql
зеркало из https://github.com/github/codeql.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
72 033 коммитов 1 534 Ветки 130 Теги 467 MiB
Граф коммитов

4576 Коммитов

Автор SHA1 Сообщение Дата
Cornelius Riemenschneider a66f8209f9 Rust: Vendor 3rdparty dependencies. 
We've been observing some performance issues using crate_universe on CI.
Therefore, we're moving to vendor the auto-generated BUILD files
in our repository. This should provide a nice speed boost, while
getting rid of the complexity of the "rust cache" job we've been using
when we had a lot of git dependencies.

This PR includes a vendor script, and I'll put up a CI job internally
that runs that vendor script on Cargo.toml and Cargo.lock changes, to check
that the vendored files are in sync.
 2024-11-13 13:22:14 +01:00
Cornelius Riemenschneider e8aa5db07a Rust: Update cargo dependencies. 
There was a recent round of tree-sitter-* package releases,
so the latest code is now a) released and b) available on crates.io.

Therefore, move away from the (super slow on CI) git dependencies to released crates instead.
This also includes a run of `cargo update`, so there's a bunch of more changes to the lockfile.
 2024-11-11 12:13:14 +01:00
github-actions[bot] f107d16b4e Post-release preparation for codeql-cli-2.19.3 2024-11-04 17:20:08 +00:00
github-actions[bot] cc7b724123 Release preparation for version 2.19.3 2024-11-04 16:37:28 +00:00
Tom Hvitved 03ffaac87a
Merge pull request #17880 from hvitved/ruby/symbol-string-key-indifference 
Ruby: Do not distinguish between symbols and strings in hash keys
 2024-11-01 10:43:56 +01:00
Tom Hvitved 6b60865d7e Ruby: Do not distinguish between symbols and strings in hash keys 2024-10-31 11:42:09 +01:00
Tom Hvitved 2b37c6cd32
Merge pull request #17548 from hvitved/shared/inline-test-post-process 
Shared: Post-processing query for inline test expectations
 2024-10-31 11:40:11 +01:00
Tom Hvitved f04a55ecb5 Ruby: Update hash extension tests 2024-10-31 11:00:33 +01:00
Anders Schack-Mulligen b556590ef8
Merge pull request #17663 from aschackmull/dataflow/speculative-flow 
Dataflow: Add support for speculative taint flow.
 2024-10-31 08:12:43 +01:00
Tom Hvitved 5b5ca05e87 Ruby: Post-processing query for inline test expectations 2024-10-29 13:35:33 +01:00
Tom Hvitved 7c4d5981dd Shared: Add missing spaces in inline test expectation output 2024-10-25 13:23:03 +02:00
Anders Schack-Mulligen 42d35f8b9d Ruby: Exclude some cases that are unlikely library calls. 2024-10-16 14:35:23 +02:00
Anders Schack-Mulligen c20f12fa6c Add qldoc. 2024-10-16 14:35:23 +02:00
Anders Schack-Mulligen 8eb0cb4c66 Ruby: Add tentative support for speculative taint flow. 2024-10-16 14:35:20 +02:00
Anders Schack-Mulligen c80627a3d3 Dataflow: add plumbing for adding provenance to state-steps. 2024-10-16 14:35:18 +02:00
github-actions[bot] 079ab77a38 Post-release preparation for codeql-cli-2.19.2 2024-10-15 12:16:59 +00:00
github-actions[bot] 255f55cf1a Release preparation for version 2.19.2 2024-10-15 10:29:25 +00:00
Geoffrey White 04c7319b6b
Merge pull request #17647 from geoffw0/warnings 
Rust: More information about extractor errors and warnings
 2024-10-10 16:19:15 +01:00
Geoffrey White 7420d07935
Update ruby/ql/lib/codeql/ruby/AST.qll 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2024-10-10 15:54:14 +01:00
Geoffrey White 8a895740ba Ruby: Move language specific code out of FileSystem.qll (at least for now). 2024-10-10 14:05:39 +01:00
Tom Hvitved 3a098d7449 Ruby: Adopt shared `ConditionalCompletionSplitting` implementation 2024-10-09 11:02:17 +02:00
Tom Hvitved f1afa2bf59 Ruby: Fix expected test output 2024-10-07 09:16:12 +02:00
Geoffrey White d4414dabff Ruby: Add change notes. 2024-10-03 17:40:18 +01:00
Geoffrey White 86cc2dc5a1 Ruby: Add rb/diagnostics/extraction-warnings so that we don't miss anything we had before. 2024-10-03 17:40:17 +01:00
Geoffrey White 1ea94faccf Ruby: Make similar changes to differentiate extraction errors and warnings, and mostly restore original behaviour. 2024-10-03 17:39:56 +01:00
Geoffrey White 4c7ec59306 Ruby: Sync identical files. 2024-10-03 17:17:37 +01:00
github-actions[bot] e97878ed63 Post-release preparation for codeql-cli-2.19.1 2024-09-30 19:49:00 +00:00
github-actions[bot] 455c8c5953 Release preparation for version 2.19.1 2024-09-30 17:59:48 +00:00
Tom Hvitved f389a889ad Exclude consistency output from `.gitignore` files 2024-09-26 11:09:54 +02:00
Tom Hvitved a3ad6f5697 Ruby: Weaken `scopeNoFirst` check 2024-09-26 11:07:15 +02:00
Tom Hvitved 90869ec96a
Merge pull request #17558 from hvitved/rust/cfg-consistency-queries 
Rust: Enable CFG consistency checks
 2024-09-25 15:14:44 +02:00
Tom Hvitved d299380a5a Rust: Enable CFG consistency checks 2024-09-25 10:56:44 +02:00
Arthur Baars 9b8cbdad49 Add QLDoc to Diagnostics.qll 2024-09-24 17:34:30 +02:00
Tom Hvitved 6a11120e50 Address review comments 2024-09-24 14:21:40 +02:00
Tom Hvitved f287216060 Update expected test output 2024-09-24 14:21:38 +02:00
Chuan-kai Lin 1cd8af54f2
Merge pull request #17190 from github/cklin/diff-informed-java-queries 
Java: add support for alert location restrictions
 2024-09-23 08:39:24 -07:00
Anders Schack-Mulligen 3a1e50dcf9 Dataflow: Simplify diff-informed implementation and tweak flag name. 2024-09-20 07:07:10 -07:00
Tom Hvitved 16813240ae Shared: Do not use `@kind graph` for CFG test output 2024-09-19 18:13:31 +02:00
Tom Hvitved ed9008a064 Update expected test output 2024-09-18 13:51:02 +02:00
Tom Hvitved d680a549bd
Merge pull request #16936 from hvitved/csharp/ssa-integration 
C#: Adopt shared SSA data-flow integration
 2024-09-17 13:45:31 +02:00
Chris Smowton 30be6803c3
Merge pull request #17480 from github/post-release-prep/codeql-cli-2.19.0 
Post-release preparation for codeql-cli-2.19.0
 2024-09-16 16:06:58 +01:00
github-actions[bot] 79be301984 Post-release preparation for codeql-cli-2.19.0 2024-09-16 14:09:32 +00:00
Tom Hvitved d0eae97bcf Address review comment 2024-09-16 14:46:23 +02:00
Paolo Tranquilli e280e1ebee
Merge pull request #17441 from github/redsun82/rust-cli-flags 
Rust: make the cli flags override automatic
 2024-09-16 14:37:43 +02:00
github-actions[bot] acdafd9646 Release preparation for version 2.19.0 2024-09-16 10:56:10 +00:00
Dave Bartolomeo 485fc04029 Initial merge from `main` 2024-09-15 08:55:31 -04:00
Paolo Tranquilli 0a8c0f5ab4 Rust: fix bazel build 2024-09-12 08:46:50 +02:00
Chuan-kai Lin ff78bebf19 Shared support for alert filtering 2024-09-11 13:18:26 -07:00
Paolo Tranquilli d8db0e43da Ruby: update new cargo target directory in make and actions 2024-09-11 11:01:10 +02:00
Paolo Tranquilli f624a1b7a7 Ruby: fix extractor pack script after workspace root change 2024-09-11 09:40:44 +02:00